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DETAILED ACTION 
Status of Claims 



1 . Claims 1 -32 are pending. 



Claim Rejections • 35 USC § 102 

2. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 

form the basis for the rejections under this section made in this Office action: 
A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
applicant for patent, except that an international application filed under the treaty defined in section 
351(a) shall have the effects for purposes of this subsection of an application filed in the United States 
only if the international application designated the United States and was published under Article 21(2) 
of such treaty in the English language. 

3. Claims 1-2, 4-12 and 1 9-29 are rejected under 35 U.S.C. 102(e) as being 
anticipated by Sturdy (USPN 2003/0158963, referred to as Sturdy). 



Claim 1: 

Sturdy teaches a method for network defense (Sturdy, ^ 0013: tactical datalink 
applications ... used by the military), comprising the steps of: 
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detecting mission events (Sturdy, H 0025: military missions) by processing 
communications packets and traffic streams (Sturdy, U 0013: military communications 
systems); 

forming mission tracks by processing said mission events (Sturdy, ^ 0037: 
tactical and mission data; EN: forming mission tracks is an inherent outcome of 
processing mission data); 

estimating mission sensitivities by processing said mission tracks (Sturdy, 1} 
0033: military unique functions); 

prioritizing network operations (Sturdy, Abstract: message priority management) 
by processing said mission sensitivities (Sturdy, Abstract: improving mission 
effectiveness); and 

correlating network alarms to missions by processing said mission sensitivities 
(Sturdy, H 0081: NETWORK CONFIGURATION AND STATUS functions; EN: The 
status functions compute status values based on correlating network alarms to mission 
functions), wherein said steps include a database of dynamic and a priori information 
(Sturdy, ^ 0081: stored data). 

Claim 2: 

Sturdy teaches the method of daim 1 wherein the step of detecting mission 
events by processing communications packets comprises of: 

receiving said communications packets (Sturdy, H 0052: messages received 
from ... network paths); 
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extracting said communicated information from said communication packets and 
traffic streams (Sturdy, H 0014: collection agents can be used to extract information); 

creating homogenous Information packages, from said communicated 
information (Sturdy, ^ 0108: messages created by the onboard military applications); 

detecting mission events (Sturdy, H 0025: military missions) by processing said 
homogeneous information package (Sturdy, ^ 0109: evaluating message); 



Claim 4: 

Sturdy teaches the method of daim 1, wherein the step of estimating mission 
sensitivities by processing said mission tracks comprises estimating mission sensitivity 
to network perturbations, using mission tracks (Sturdy, ^ 0107: tactical networks; EN: 
'tactical networks' inherently sense network perturbations and process accordingly). 

Claim 5: 

Sturdy teaches the method of daim 1 , wherein prioritizing network operations by 
processing said mission sensltlvltles(Sturdy, Abstract: improving mission effectiveness) 
comprises ordering said list of network operations (Sturdy, U 01 06: list and descriptions) 
by comparing said mission sensitivities. 



Claim 6: 
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Sturdy teaches the method of daim 1 , wherein the step of correlating network 
alarms to missions by processing said mission sensitivities comprises creating a list of 
relationships between each network alarm (Sturdy, ^ 0038: alerts for the pilot) and 
each mission using said mission sensitivity values (Sturdy, ^ 0038: end system status). 

Claim 7: 

Sturdy teaches the method of claim 4, wherein network perturbations comprise 
modifications to network devices, protocols, policies, or architecture through network 
management courses of actions (Sturdy, ^ 0106: Network management; EN: the 
limitations are implicit within network management). 

Claim 8: 

Sturdy teaches he method of claim 4, wherein network perturbations comprise 
modifications to network devices, protocols, policies, or architecture through attacks on 
network devices, protocols, policies, or architecture (Sturdy, H 0106: Network 
Management and Message Distribution; EN: the limitations are Implicit within network 
management). 

Claim 9: 

Sturdy teaches the method of daim 1 , wherein said database of dynamic and a 
priori information comprises: 
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providing a database of performance statistics and observation logs from earlier 
missions (Sturdy, ^ 0036: performance capability of the available military radios); 

providing a set of prespecified mission types (Sturdy, ^ 0020: types of data link 
messages; EN: 'types' of data links or radios define types of mission); 

for each mission type, providing a set of prespecified mission states (Sturdy, 
0036: mission computer, EN: the limitations are implicit within a mission computer); 

for each mission type, providing a set of prespecified mission events (Sturdy, U 
0036: mission computer; EN: the limitations are implicit within a mission computer); 

providing a set of prespecified network perturbations (Sturdy, ^ 0106: Network 
management; EN: the limitations are implicit within network management); 

providing a set of weighted mappings from network components to mission 
states (Sturdy, ^ 0036: mission computer EN: the limitations are implicit within a 
mission computer); 

providing a set of weighted mappings from network components to mission 
events (Sturdy, H 0036: mission computer; EN: the limitations are implicit within a 
mission computer); 

providing a set of mappings from network perturbations to network components 
(Sturdy, H 0106: Network management; EN: the limitations are implicit within network 
management); 

providing a set of prespecified network alarms (Sturdy, H 0038: alerts for the 

pilot); 
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providing a rule base for updating, adapting, and modifying mission types, 
mission states, mission events, networl< perturbations, networl< alarms, and mappings 
using said performance statistics and observation logs (Sturdy, ^ 0106: Network 
management). 

Claim 10: 

Sturdy teaches the method of claim 2, wherein said communicated information 
comprises packet source information, destination addresses and port Information 
(Sturdy, H 0044: Link-16 mission information). 

Claim 11: 

Sturdy teaches the method of claim 2, wherein the step of extracting said 
communicated information comprises scanning said communicated packets as an 
unstructured data stream (Sturdy, ^ 0083: scans messages received from various end 
systems). 

Claim 12: 

Sturdy teaches the method of claim 2, wherein the step of extracting said 
communicated information comprises comparing traffic stream characteristics to known 
usage patterns (Sturdy, 0083: Analyze data for TRENDS; EN: 'Trends' are the usage 
patterns). 
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Claim 19: 

Sturdy teaches the method of claim 4, further comprising the steps of: 

using a system dynamics model and a set of network perturbations (Sturdy, H 
0106: Network management) to produce a nominal version of the mission state at k+1 
and a perturbed version of the mission state at k+1 (Sturdy, H 0081: Determine network 
configuration and status); 

propagating out the nominal version of the mission state at k+1 and the perturbed 
version of the mission state at k+1 (Sturdy, ^ 0033: datalink operations), to a 
computation horizon (Sturdy, T| 0033: mission computer); and 

computing the difference between the overall mission effectiveness along the 
nominal version of the mission state and the perturbed version of the mission state 
(Sturdy, ^ 0081 : accesses overall capability). 

Claim 20: 

Sturdy teaches the method of claim 4, wherein the step of estimating mission 
sensitivity to network perturbations comprises using a closed-form expression to 
compute mission sensitivities (Sturdy, ^ 0036: computes the Actual Communication 
Performance (AGP) indicator; EN: The AGP is an explicit computation and hence a 
closed form). 



Claim 21: 
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Sturdy teaches the method of claim 19, wherein said set of network perturbations 
comprises a set of alternative network operation COAs (Sturdy, ^ 0106: Network 
management; EN: the limitations are implicit). 

Claim 22: 

Sturdy teaches the method of claim 19, wherein said set of network perturbations 
comprises a set of attacks on network devices, protocols, policies, and architecture 
(Sturdy, ^ 0106: Network management; EN: the limitations are implicit). 

Claim 23: 

Sturdy teaches the method of claim 20, wherein said set of network perturbations 
comprises a set of alternative network operation COAs (Sturdy, H 0106: Network 
management; EN: the limitations are implicit). 

Claim 24: 

Sturdy teaches the method of claim 20, wherein said set of network perturbations 
comprises a set of attacks on network devices, protocols, policies, and architecture 
(Sturdy, H 0106: Network management; EN: the limitations are implicit). 

Claim 25: 

Sturdy teaches the method of claim 5, wherein network operations comprise 
modifications to network devices, protocols, policies, or architecture through network 
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management courses of actions (Sturdy, U 0106: Network management; EN: the 
limitations are implicit). 



Claim 26: 

Sturdy teaches the method of claim 5, wherein network operations comprise 
modifications to network devices, protocols, policies, or architecture through attacks on 
network devices, protocols, policies, or architecture (Sturdy, U 0106: Network 
management; EN: the limitations are Implicit). 

Claim 27: 

Sturdy teaches the method of claim 6, wherein the list of relationships between 
each network alarm and each mission is constrained by numerical thresholds on said 
mission sensitivities (Sturdy, ^ 0083: evaluates threshold criteria established for 
decision points). 

Claim 28: 

Sturdy teaches the method of claim 6, wherein network alarms comprise 
messages indicating failures in network devices, protocols, policies, or architecture 
(Sturdy, ^ 0106: Network management; EN: the limitations are implicit). 



Claim 29: 
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Sturdy teaches the method of daim 6, wherein networl< alarms comprise 
messages indicating detection of network intrusions (Sturdy, ^ 0106: Network 
management; EN: the limitations are implicit). 

Claim Rejections - 35 USC § 103 

4. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention Y/as made. 

5. Claims 3, 13-18 and 30-32 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Sturdy as applied to claim 1 above, and further In view of Nefiah 
(USPN 2004/0002863, referred to as Nefiah). 

Claim 3: 

Sturdy teaches the method of daim 1 , wherein the step of forming mission tracks 
by processing said mission events comprises: 

determining active mission types, using said mission events (Sturdy, ^ 0036: 
type of the radio; mission computer); 

determining state of each mission (Sturdy, ^ 0036: status and performance 
capability), using said mission events (Sturdy, K 0036: end systems 275 are connected 
to the mission computer); 
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Sturdy does not teadi producing a mission state vector for each mission. 
However, Nefian teaches state vectors (Nefian, 0020: state vector describing the 
state of the hidden nodes). Sturdy and Nefian are from the same field of endeavor, 
handling data run on a network processor. It would have been obvious to one of 
ordinary skill In the art to have modified Sturdy's Intelligent communications system with 
state vectors, for the benefit of manipulating and storing state information. 

Claim 13: 

Sturdy modified by Nefian teaches the method of claim 3, wherein the active 
mission types are determined through the use of a HMM (Nefian, ^ 0013: hidden 
Markov model). It would have been obvious to one of ordinary skill in the art to have 
modified Sturdy's intelligent communications system with HMM for the benefit of 
determining hidden mission types from the observable mission types. 

Claim 14: 

Sturdy modified by Nefian teaches the method of claim 3, wherein the state of 
each mission is determined through the use of a HMM (Nefian, U 0013: hidden Markov 
model). It would have been obvious to one of ordinary skill in the art to have modified 
Sturdy's Intelligent communications system with HMM for the benefit of determining 
hidden states from the observable states. 



Claim 15, 16: 
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Sturdy modified by Nefian teaches the method of claim 13, wherein mission 
HMM component determination comprises combining performance statistics from earlier 
missions with an Operational Sequence Diagram (Nefian, 1| 0019: HMM with a 
sequence of states). It would have been obvious to one of ordinary skill in the art to 
have modified Sturdy's intelligent communications system with the combination 
performance of HMM with a sequence of states, for the benefit of achieving continuous 
observable states. 

Claim 17: 

Sturdy modified by Nefian teaches the method of claim 3, wherein the step of 
determining said active mission types is performed inductively (Sturdy, ^ 0082: request 
is active ... to evaluate routing criteria; EN: To evaluate the routing criteria, the active 
requests would support the routing function without directly ensuring it, which is what 
inductive reasoning it). 

Claim 18: 

Sturdy modified by Nefian teaches the method of claim 17, wherein the step of 
determining said active mission types inductively, is through the use of the forward 
algorithm (Sturdy, 0082; EN: The induction discussed in claim 17 is a forward 
algorithm because its flow is from request to routing). 
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Claim 30, 31, 32: 

Sturdy does not teach the method of claim 19, wherein said system dynamics 
model Is a HMM. However, Nefian teaches the system dynamics model being a HMM 
(Nefian, ^ 0013: hidden Markov model). It would have been obvious to one of ordinary 
skill in the art to have modified Sturdy's intelligent communications system with HMM for 
the benefit of determining hidden model parameters from the observable ones. 

Examinations Considerations 

6. Examiner's Notes (EN) are provided with the cited references to prior art to assist 
the applicant to better understand the nature of the prior art, application of such prior art 
and, as appropriate, to further indicate other prior art that maybe applied in other office 
actions. Such comments are entirely consistent with the intent and spirit of compact 
prosecution. However, and unless othenvise stated, the Examiner's Notes are not prior 
art but a link to prior art that one of ordinary skill in the art would find inherently 
appropriate. 

7. Examiner has cited particular columns and line numbers (or paragraphs) in the 
references applied to the claims above for the convenience of the applicant. Although 
the specified citations are representative of the teachings of the art and are applied to 
specific limitations within the individual claim, other passages and figures may apply as 
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well. It is respectfully requested from the Applicant in preparing responses, to fully 
consider the references In their entirety as potentially teaching all or part of the claimed 
invention, as well as the context of the passage as taught by the prior art or disclosed 
by the Examiner. The entire reference is considered to provide disclosure relating to 
the claimed invention. 

Conclusion 

8. The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure. 

a. Tran, USPN 5606500, cited for state machines for sensors. 

9. Claims 1-32 are rejected. 

Correspondence Information 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Bharadwaj Kalpana whose telephone number is (571 ) 
270-1641. The examiner can normally be reached on Monday-Friday 7:30am 5:00 pm 
EST. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, David Vincent can be reached on (571) 272-3080. The fax phone number 
for the organization where this application or proceeding is assigned is 571-273-8300. 
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Information regarding tlie status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 
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